GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,101 advisories
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation...
Critical | Unreviewed | CVE-2022-45100 was published Feb 1, 2023

Dell PowerScale OneFS, 8.2.x-9.3.x, contains an Improper Certificate Validation. An unauthenticated...
High | Unreviewed | CVE-2022-22549 was published Apr 13, 2022

Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up...
Critical | Unreviewed | CVE-2022-31733 was published Feb 3, 2023

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in...
Moderate | Unreviewed | CVE-2022-34404 was published Feb 11, 2023

IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
High | Unreviewed | CVE-2016-10937 was published May 24, 2022

Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of...
Moderate | Unreviewed | CVE-2022-48306 was published Feb 16, 2023

Jenkins Codefresh Integration Plugin Improper Certificate Validation vulnerability
Moderate | CVE-2019-10381 was published for org.jenkins-ci.plugins:codefresh (Maven) May 24, 2022

Jenkins VMware Lab Manager Slaves Plugin vulnerable to Improper Certificate Validation
Moderate | CVE-2019-10382 was published for org.jenkins-ci.plugins:labmanager (Maven) May 24, 2022

An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0...
High | Unreviewed | CVE-2022-39948 was published Feb 16, 2023

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a...
High | Unreviewed | CVE-2022-27890 was published Feb 16, 2023

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a...
Low | Unreviewed | CVE-2022-48307 was published Feb 16, 2023

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a...
Low | Unreviewed | CVE-2022-48308 was published Feb 16, 2023

Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on...
High | Unreviewed | CVE-2022-4895 was published Feb 28, 2023

Elastic APM agent for Ruby vulnerable to Improper Certificate Validation
High | CVE-2019-7615 was published for elastic-apm (RubyGems) May 24, 2022

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax...
Moderate | Unreviewed | CVE-2020-5367 was published May 24, 2022

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting...
High | Unreviewed | CVE-2021-25636 was published Feb 25, 2022

An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a...
Critical | Unreviewed | CVE-2022-26305 was published Jul 26, 2022

HashiCorp Consul Privilege Escalation Vulnerability
High | CVE-2021-37219 was published for github.com/hashicorp/consul (Go) Sep 8, 2021

In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of...
High | Unreviewed | CVE-2023-20963 was published Mar 24, 2023

ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.
Critical | Unreviewed | CVE-2022-45597 was published Mar 25, 2023

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded...
High | Unreviewed | CVE-2022-27644 was published Mar 29, 2023

Jenkins Image Tag Parameter Plugin improperly introduces option to opt out of SSL/TLS certificate validation
Moderate | CVE-2023-30516 was published for org.jenkins-ci.plugins:image-tag-parameter (Maven) Apr 12, 2023

Jenkins NeuVector Vulnerability Scanner Plugin disables SSL/TLS certificate and hostname validation
Moderate | CVE-2023-30517 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Apr 12, 2023

A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All...
Moderate | Unreviewed | CVE-2023-23588 was published Apr 11, 2023

A user with a compromised configuration can start an unsigned binary as a service.
High | Unreviewed | CVE-2023-28093 was published Apr 10, 2023